Guest

Preview Tool

Cisco Bug: CSCtf02164 - tacacs authentication results in error

Last Modified

Feb 22, 2014

Products (1)

  • Cisco ACE GSS 4400 Series Global Site Selector Appliances

Known Affected Releases

3.0(1.0.0)

Description (partial)

Symptom:

1] Fix to this bug CSCso01410 triggered this current tacacs authentication bug.
2] When user is denied for certain commands in ACS/tac_plus, for ex: config
   the GSS allows that command to execute using locally configured admin user credentials.
3] The error return from the ACS and tac_plus is FAIL(Ox10), bug GSS pam_module throws ERROR(Ox11) instead of FAIL.
4] This issue is there from 3.0.1 release.
 
 
before fix:
 
#conf
Authorization failed for command "conf".
 
after fix to CSCso01410 :
 
gss6.gss-campus.com#conf                      
TACACS error. Attempting local authorization ...
(config)#


Conditions:

GSS running at least 3.0.1 code.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.